CVE-2023-32315 is a path traversal vulnerability affecting the Openfire admin console, a well-known open-source chat server. This vulnerability has been exploited in the wild, but a new approach has been discovered by VulnCheck that streamlines the attack process and adeptly bypasses the generation of log entries.
Openfire CVE-2023-32315 has been exploited in various ways, but most exploits follow a simple pattern: Use the path traversal to create an administrative user, log in, and then upload a plugin to achieve code execution. However, VulnCheck has demonstrated an improved exploit that avoids creating an administrative user, significantly reducing the amount of logging the attacker introduces.
Approximately 50% of the internet-facing Openfire servers are using affected versions. While this is only a few thousand servers, it's a significant number given the server's trusted position associated with chat clients.